<?php error_reporting(0); require_once "./vendor/autoload.php"; session_start(); if (isset($_POST['csrf'])) { $phpSessId = sha1(mcrypt_create_iv(22, MCRYPT_DEV_URANDOM)); $_SESSION['phpsessid'] = $phpSessId; echo $phpSessId; } elseif ($_POST['phpsessid'] == $_SESSION['phpsessid'] && isset($_POST['email']) && isset($_POST['phpsessid'])) { $userEmail = trim($_POST['email']); $valideEmail = new \Validators\ValidatorService(); $validationStatus = $valideEmail->ValidaMail($userEmail); $response = new stdClass(); if ($validationStatus === 1) { $response->code_operation = "recovery"; $response->status = "false"; echo json_encode($response); } elseif ($validationStatus === 0) { $dbConnection = new \PhpServicesKit\DbConnection\DbConnection(); $checkUserEmailStatus = $dbConnection->checkUserEmail($userEmail); if ($checkUserEmailStatus === 1) { $response->code_operation = "recovery"; $response->status = "false"; echo json_encode($response); } elseif ($checkUserEmailStatus === 0) { $newRecoveryRequest = new \PhpServicesKit\PasswordRecovery\RecoveryService(); $newPasswordRequest = $newRecoveryRequest->createNewPasswordRequest($userEmail); if ($newPasswordRequest === 0) { $response->code_operation = "recovery"; $response->status = "true";
<?php error_reporting(0); require_once "./vendor/autoload.php"; session_start(); if (isset($_POST['csrf_token']) && $_POST['csrf_token'] == "true") { $csrfToken = sha1(mcrypt_create_iv(22, MCRYPT_DEV_URANDOM)); $_SESSION['csrf_token'] = $csrfToken; echo $csrfToken; } elseif (isset($_POST['password']) && isset($_POST['length']) && isset($_POST['email']) && isset($_POST['csrf_token']) && $_POST['csrf_token'] == $_SESSION['csrf_token']) { $password = trim($_POST['password']); $length = trim($_POST['length']); $userEmail = trim($_POST['email']); $myValidator = new \Validators\ValidatorService(); $validationStatus = $myValidator->loginValidator($userEmail, $password, $length); $response = new stdClass(); if ($validationStatus === 1) { $response->code_operation = "login"; $response->status = "false"; $response->description = $myValidator->statusMessage; echo json_encode($response); } elseif ($validationStatus === 0) { $newLogin = new \PhpServicesKit\LoginKit\LogIn(); $responseMessage = $newLogin->doLogin($userEmail, $password); echo json_encode($responseMessage); } else { $response->code_operation = "login"; $response->status = "false"; $response->description = \Messages\MessageService::DEFAULT_ERROR; echo json_encode($response); }
<?php error_reporting(0); require_once "./vendor/autoload.php"; if (isset($_POST["password"]) && isset($_POST['v_password']) && isset($_POST['v_password_strength']) && isset($_POST['password_strength']) && isset($_POST['password_strength']) && isset($_POST['username']) && isset($_POST['email'])) { $passwordForm = trim($_POST['password']); $vPasswordForm = trim($_POST['v_password']); $vPasswordFormStrength = trim($_POST['v_password_strength']); $passwordFormStrength = trim($_POST['password_strength']); $userName = trim($_POST['username']); $userEmail = trim($_POST['email']); $myValidator = new \Validators\ValidatorService(); $validationStatus = $myValidator->registerValidator($userName, $userEmail, $passwordForm, $vPasswordForm, $passwordFormStrength, $vPasswordFormStrength); $response = new stdClass(); if ($validationStatus === 1) { $response->code_operation = "signup"; $response->status = "false"; $response->description = $myValidator->statusMessage; echo json_encode($response); } elseif ($validationStatus === 0) { $newSignup = new \PhpServicesKit\SignupKit\SignUp(); $responseMessage = $newSignup->doSignup($passwordForm, $userName, $userEmail); echo json_encode($responseMessage); } else { $response->code_operation = "signup"; $response->status = "false"; $response->description = \Messages\MessageService::DEFAULT_ERROR; echo json_encode($response); } } else { $response->code_operation = "signup";
require_once './libs/csrf-magic/csrf-magic.php'; require_once './vendor/autoload.php'; //if (!isset($_SERVER['HTTPS']) || !$_SERVER['HTTPS']) { // // request is not using SSL, redirect to https, or fail // header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]); // exit(); //}else if ($_SERVER['REQUEST_METHOD'] == 'POST' && csrf_check() === true && isset($_POST['userEmail']) && isset($_POST['newPassword']) && isset($_POST['vPassword']) && isset($_GET['token'])) { echo "<br>"; echo "restoring password..."; echo "<br>"; $password = trim($_POST['newPassword']); $vPassword = trim($_POST['vPassword']); $userEmail = trim($_POST['userEmail']); $token = trim($_GET['token']); $passwordValidationService = new \Validators\ValidatorService(); $validationStatus = $passwordValidationService->recoveryValidator($userEmail, $password, $vPassword); if ($validationStatus === 0) { $restoreService = new \PhpServicesKit\PasswordRecovery\RecoveryService(); $resetPassword = $restoreService->restoreNewPassword($userEmail, $password, $token); if ($resetPassword === 0) { echo "\n <meta name='viewport' content='width=device-width'/>\n <p style='color: lawngreen'>Password has been restored successfully</p>\n "; } else { echo "\n <meta name='viewport' content='width=device-width'/>\n <p style='color: red'>Error restoring password. Try again</p>\n "; } } else { echo "\n <meta name='viewport' content='width=device-width'/>\n <p style='color: red'>Missing data, incorrect or password too weak. You need at least 8 char password</p>\n "; } } elseif (isset($_GET['token'])) { echo ' <!DOCTYPE html>